Building Scalable APIs with AWS API Gateway
September 16, 2016
Originally published at foodora/foodpanda tech blog
We strongly believe that is important to keep up to date in our tech stack and be close to the tech community. Therefore foodpanda hosted the AWS User Group Berlin edition of November 2016. At this event, we were invited to share our experience using serverless architecture with AWS API Gateway.
About API Gateway
There is a lot of excitement around serverless architecture and it is for a good reason, abstracting the tedious details of configuration and management of your architecture can make a lot of sense for the right application, the AWS API gateway is one of the several tools that allow you this.
Amazon API Gateway is a fully managed service that makes it easy for developers to create, publish, maintain, monitor, and secure APIs at any scale, it handles all the tasks involved in accepting and processing up to hundreds thousands of concurrent API calls, including:
Traffic management Authorization and access control Monitoring API version management
Reasons to choose API Gateway
Speed and reduced infrastructure footprint are the 2 biggest reasons to choose to use API Gateway. When you choose API gateway all the servers, security, scaling and monitoring are managed for you.
The API gateway is designed for the developer who wants to quickly build APIs while reducing the cross team developing efforts and increase the time to market for your applications.
- Greenfield projects
- Building MVP to quickly gauge customer interest
- Minimal backend investment
Reasons NOT to choose API Gateway
Since servers, security, scaling and monitoring are managed for you this means also that you don’t have many inputs of how those features are fulfilled. If your application has a unique constraint that can’t be fulfilled with the managed services, API Gateway may not be a good fit.
E.g.: If your application has the requirement of provide audit logs from the underlying hosting services, or, if you are in a specific security environment that does not allow hosted services.
If your organization has a strong, proven infrastructure and a DevOps organization that can provide similar services, introducing a new technology might not be good.
Code and slides
This is my personal blog, where I share about the people I meet, the books I'm reading, and what I'm learning. I hope that you'll join the conversation. Follow me on Twitter